• Simple Network Management Protocol (SNMP) is a popular protocol for network management.
• It is used for collecting information from, and configuring, network devices, such as servers, printers, hubs, switches, and routers on an Internet Protocol (IP) network.
• Simple Network Management Protocol (SNMP) is a widely used protocol designed to facilitate the management of
• Large networks with hundreds or thousands of nodes are difficult to manage without a large staff to monitor every computer.
• SNMP, which is widely used in local area networks (LANs), lets you monitor network nodes from a management host.
• You can monitor network devices such as servers, workstations, printers, routers, bridges, and hubs, as well as services such as Dynamic Host Configuration Protocol (DHCP) or Windows Internet Name Service (WINS).
• Use SNMP management software to monitor any network device on which you install SNMP agent software.
The SNMP architecture is composed of three major elements:
• Managers (software) are responsible for communicating with (and managing) network devices that implement SNMP Agents (also software).
• Agents reside in devices such as workstations, switches, routers, microwave radios, and printers, and provide information to Managers.
• MIBs (Management Information Bases) describe data objects to be managed by an Agent within a device. MIBs are actually just text files, and values of MIB data objects are the topic of conversation between Managers and Agents.
• Before we go any further, we need to introduce the concept of Object Identifiers, or OIDs. Each MIB object definition has a unique OID, which is a dotted list of integers.
• When Managers and Agents communicate, they refer to MIB data objects using OIDs.
• An OID sent with a corresponding value {OID, Value} is referred to as a “binding”.
• Managers can be viewed as Clients, and Agents as Servers. The operations between Managers and Agents are quite simple:
• “get” commands are sent by a Manager to an Agent to request data values defined by a MIB. The Agent will respond with the requested values. Closely related requests are “getnext” and “getbulk”.
• A Manager can also send “set” commands to an Agent. If the MIB defines a data object as read-write, then the Agent will accept the data value sent with the “set” command and process it appropriately (store it or execute the appropriate action).
• Agents will send unsolicited “traps” (alarms) to Managers to alert them to important events.
Standards topics can generally be categorized into:
• Messaging protocols between Managers and Agents (which encompasses security issues)
• MIB syntax standards
• “Standard MIB” definitions
Three messaging protocols exist:
• SNMPv1 was the first protocol introduced, and it is still widely used. It implements “get”, “getnext”, “getresponse”, “set”, and “trap” operations. Security for SNMPv1 is based on a “community string” that is transmitted with each message. The community string acts as a password. If the Manager includes the correct password in a request to an Agent, the Agent will send a response. The community string is not encrypted, and thus the security it provides is quite weak.
• SNMPv2 usually refers to SNMPv2c (other v2’s were proposed, but only v2c survives today).
It introduced the ability to transmit SMIv2 MIB definitions of type “Counter64”.
SNMPv2c also provides expanded messaging operations: “getbulk”, “inform”, “report”, and a new “v2trap” operation (same functionality as the v1 “trap”). It also introduced enhanced error responses by Agents.
SNMPv2c utilizes the same community string security as SNMPv1.
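What the unencrypted community string means on the wire for SNMPv1 and SNMPv2c, as an added example that is not part of the original slides: a small BER reader that recovers the version, community string, operation and first OID from a message, the way a passive monitor auditing for community-based SNMP would. The sample packet, the function names and the community value "public" are constructed for illustration.

```python
# Constructed sample (not a real capture): SNMPv1 "get" for 1.3.6.1.2.1.1.1.0, community "public".
SAMPLE = bytes.fromhex("3027020100" "04067075626c6963" "a01a02021234020100020100"
                       "300e300c" "06082b06010201010100" "0500")
PDU_NAMES = {0xA0: "get", 0xA1: "getnext", 0xA2: "getresponse", 0xA3: "set", 0xA4: "trap",
             0xA5: "getbulk", 0xA6: "inform", 0xA7: "v2trap", 0xA8: "report"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER TLV that starts at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits count the length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("TLV runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(content):
    """Turn BER OID content octets into the dotted list of integers."""
    arcs, acc = [], 0
    for byte in content:
        acc = (acc << 7) | (byte & 0x7F)   # base 128; high bit means more octets follow
        if not byte & 0x80:
            arcs.append(acc)
            acc = 0
    first = min(arcs[0] // 40, 2)          # the first group packs two arcs as 40*X + Y
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def inspect(packet):
    """Report what anyone who can see the packet can read from it."""
    tag, msg, _ = read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("outer SEQUENCE missing: not an SNMP message")
    _, ver, pos = read_tlv(msg, 0)
    version = int.from_bytes(ver, "big")
    info = {"version": {0: "v1", 1: "v2c", 3: "v3"}.get(version, "unknown"),
            "community": None, "operation": None, "first_oid": None}
    if version not in (0, 1):
        return info                        # SNMPv3 carries no community string
    _, community, pos = read_tlv(msg, pos)
    pdu_tag, pdu, _ = read_tlv(msg, pos)
    info["community"] = community.decode("latin-1")
    info["operation"] = PDU_NAMES.get(pdu_tag, hex(pdu_tag))
    if pdu_tag != 0xA4:                    # the v1 trap PDU has a different layout
        p = 0
        for _ in range(3):                 # skip request-id and the two status integers
            _, _, p = read_tlv(pdu, p)
        _, varbinds, _ = read_tlv(pdu, p)  # then: first binding -> its OID
        info["first_oid"] = decode_oid(read_tlv(read_tlv(varbinds, 0)[1], 0)[1])
    return info
```

Running `inspect(SAMPLE)` returns the community string in full, which is why v1/v2c traffic is usually confined to a management network or replaced by SNMPv3.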
• SNMPv3 is the most recent introduction, and it is a major step forward in improving security. Security enhancements include:
User Authentication: Verification of the identity of the SNMP Entity (Manager or Agent) sending the request. Managers and Agents share knowledge of valid users, and there is a shared secret key defined for each user. When an Entity sends an SNMPv3 message, the secret key is used to create a hash of the message, and this hashed value is included with the message. If the receiving Entity can recreate this hash, then the message is said to be “authenticated” as from a valid user.
Encryption: The message payload can optionally be encrypted based on a second shared key.
• VACM (View-based Access Control Model): Agents can now be configured to control who can access which MIB Objects under agent management. For example, User = “Operations Supervisor” can access critical read-write control data, while User = “Plant Monitor” can access only read-only status data.
Message Timeliness Checks ensure that messages are not delayed or replayed.
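The keyed-hash authentication and the timeliness check described above, as an added example that is not part of the original slides. It assumes HMAC-SHA-96 with the 150-second window from RFC 3414, and uses a simplified, hypothetical message framing (boots, time, auth field, payload) rather than the real SNMPv3 encoding; the key and payload are constructed, and USM's password-to-key localization is left out.

```python
import hashlib
import hmac

AUTH_LEN = 12       # HMAC-SHA-96 keeps the first 96 bits of the HMAC-SHA1 digest
TIME_WINDOW = 150   # seconds of clock difference the receiver tolerates

def _mac(auth_key, header, payload):
    # The hash covers the whole message with the auth field filled with zero octets.
    blank = header + bytes(AUTH_LEN) + payload
    return hmac.new(auth_key, blank, hashlib.sha1).digest()[:AUTH_LEN]

def sign(auth_key, boots, engine_time, payload):
    """Sender side. Toy framing: boots(4) | time(4) | auth(12) | payload."""
    header = boots.to_bytes(4, "big") + engine_time.to_bytes(4, "big")
    return header + _mac(auth_key, header, payload) + payload

def verify(auth_key, message, local_boots, local_time):
    """Receiver side: recreate the hash first, then apply the timeliness check."""
    if len(message) < 8 + AUTH_LEN:
        return "malformed"
    header, mac = message[:8], message[8:8 + AUTH_LEN]
    payload = message[8 + AUTH_LEN:]
    if not hmac.compare_digest(mac, _mac(auth_key, header, payload)):
        return "auth-failure"
    boots = int.from_bytes(header[:4], "big")
    sent_at = int.from_bytes(header[4:], "big")
    if boots != local_boots or abs(local_time - sent_at) > TIME_WINDOW:
        return "not-in-time-window"
    return "ok"

# Constructed demo values; KEY stands in for one user's shared secret key.
KEY = b"constructed-demo-auth-key"
MSG = sign(KEY, boots=7, engine_time=1000, payload=b"set 1.3.6.1.2.1.1.5.0 = core-sw1")
```

Because the boots and time fields sit under the hash, a replayed message cannot have its timestamp refreshed without the key: the altered copy fails authentication before the window is even consulted.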
• MIBs are written in either of the following two syntax standards:
SMIv1 is the earliest version and was introduced along with SNMPv1. SMIv1 MIBs are very functional and very common. Data defined by SMIv1 MIB Objects can be transmitted between Managers and Agents by any of the three messaging protocols, viz., SNMPv1, SNMPv2c, or SNMPv3.
SMIv2 was introduced along with SNMPv2c. Major enhancements include:
Introduction of new base data types, including the “Counter64” data type.
Although derived data types could be defined in SMIv1, SMIv2 formalizes this syntax and also defines some “Standard Textual Conventions” such as “DisplayString”.
Depending on the origin (author) of a MIB, we can categorize MIBs into either:
• Enterprise MIBs
• Or Standard MIBs
Enterprise MIBs are authored by non-standards-committee organizations, e.g., Cisco or HP. All such organizations must apply for a unique “Enterprise ID” issued by the Internet Assigned Numbers Authority (IANA). Enterprise MIBs are then organized under these unique IDs.
• Standard MIBs are authored by persons associated with the IETF. For example, a standard Printer MIB exists, and printer manufacturers commonly implement an Agent to support this MIB in addition to their own Enterprise MIBs.
Strengths
• Many standard MIBs available
• Widespread popularity
• Agents have low impact on monitored system resources
• Well suited to monitoring
• Many products available
Weaknesses
• Not bandwidth efficient
• Not as comprehensive as some other protocols
• Complicated message encoding rules
• Security has been an ongoing concern. SNMPv3 was developed in response to this issue.
• UDP, or another connectionless protocol, is used, which creates issues regarding verification of operations: Trap-Send verification (did it really reach the Manager?); verification (success) of any “set” operation to an Agent. However, cleverly designed MIBs and Manager logic can overcome these problems.
Here are some typical uses of SNMP:
• Detecting device faults, or recovery from faults
• Monitoring device performance
• Collecting long-term performance data
• Remote configuration of devices
• Remote device control
Books
• Understanding SNMP MIBs by David Perkins & Evan McGinnis. Prentice Hall, 1997
• SNMP, SNMPv2, SNMPv3, and RMON 1 and 2 by William Stallings. Addison-Wesley, 1996
• Essential SNMP by Mauro & Schmidt. O’Reilly, 2005
• A Practical Guide to SNMPv3 and Network Management by David Zeltserman. Prentice-Hall PTR, 1999
Thank You

SNMP (MV ASHOK)
